Webinar Replay

Recorded Webinars

  • Protecting the Crown Jewels from Devastating Data Breaches
    November 19, 2014

    Whether they realize it or not, all enterprises have valuable data to protect. Credit card information, trade secrets, and patient data, for example, are all prime targets for cyber criminals.

    You can reduce risk to your sensitive data through the use of compliance/segmentation monitoring. But what happens when malicious insiders or external attackers bypass these controls?

    Join Lancope’s Consulting Security Architect, Charles Herring, to learn how network behavioral anomaly detection (NBAD) and deep visibility through NetFlow can be used to quickly alert administrators to these violations. Discover how to detect anomalies such as data hoarding and data loss to more effectively safeguard your crown jewels.


  • The Library of Sparta
    October 30, 2014

    On today's increasingly militarized Internet, companies, non-profits, activists, and individual hackers are forced to melee with nation-state class adversaries. Just as one should never bring a knife to a gunfight, a network defender should not rely on tired maxims such as “perimeter defense” and “defense in depth”. Today’s adversaries are well past that. This webinar provides:

    • Key insights into what we call the Library of Sparta - the collective written expertise codified into military doctrine. Hidden in plain sight, vast free libraries contain the time-tested wisdom of combat at the tactical, operational, and strategic levels.
    • A better understanding of how adversaries will target your organization, to help you employ military processes and strategies in your defensive operations.
    • New approaches and examples showing how to translate and employ doctrinal concepts in your current operations.


  • Looking for the Weird: Detecting "Bad" Traffic and Abnormal Network Behavior
    October 22, 2014

    Signature detection of attacks requires an understanding of what is “bad” traffic. Unfortunately, advanced attackers are crafting innovative and persistent attacks that create a new brand of “bad” that has no signature. Today’s organizations must instead embrace more forward-thinking security measures such as behavioral analysis in order to identify threats that bypass conventional defenses.

    Discover how:

    • Sophisticated attackers are bypassing conventional, signature-based security solutions
    • NetFlow analysis can detect both known and unknown threats by identifying anomalous behaviors that could signify an attack
    • Leveraging flow data can significantly improve threat detection, incident response and network forensics


  • Cisco CSIRT Case Study: Forensic Investigations with NetFlow
    August 21, 2014

    Cisco CSIRT uses NetFlow to collect 16 billion flows from Cisco’s 175TB of traffic observed daily. The data is used to monitor, investigate, and contain incidents using 3 key playbook "plays" each day.

    Two leaders from Cisco's Computer Security Incident Response Team (CSIRT) review a real cyber incident and the resulting investigation leveraging NetFlow collected via the StealthWatch System.

    Learn how to use NetFlow and the StealthWatch System to:

    • Investigate top use cases: C&C discovery, data loss and DoS attacks
    • Gain contextual awareness of network activity
    • Accelerate incident response
    • Minimize costly outages and downtime from threats
    • Protect the evolving network infrastructure
    • Provide forensic evidence to prosecute adversaries


  • Needs of a Modern Incident Response Program
    June 11, 2014

    Recent high-profile data breaches highlight a dire need for improved incident response. Despite this fact, a recent survey indicated that typically, less than 10 percent of organizations’ security budgets are used for incident response activities.

    So how do we beef up incident response? Join Lancope and SANS to learn:

    • What your CSIRT should look like
    • Which processes, policies and best practices can be implemented to maximize its success
    • The tools required for your CSIRT to relentlessly hunt for and thwart advanced attackers 


  • Securing the Data Center
    May 15, 2014

    In light of the constant wave of security breaches making headlines around the world, many organizations are bolstering their network defenses with perimeter- and signature-based technologies. Unfortunately, these tools provide little protection for the data center where the majority of corporate assets and data are stored. 

    Join Lancope to learn how to protect the data center from dangerous attacks including advanced malware, APTs, insider threats and DDoS. Leverage your existing network resources to:

    • Obtain in-depth visibility into the data center, including virtual systems 
    • Quickly detect and address anomalies that could signify risks
    • Prevent devastating data loss
    • Accelerate incident response
    • Improve forensics and compliance


  • Insider Threat: Hunting for Authorized Evil
    April 25, 2014

    Despite the fact that external attacks often get more attention in the media, recent data is proving that the threat posed by malicious, negligent or compromised insiders is indeed very real.

    The best way to detect and prevent insider threats is to have in-depth visibility into the internal environment and a means of filtering and prioritizing the massive amount of data available on the network into concise, actionable intelligence.

    Join Lancope’s Director of Research, Tom Cross, to learn strategies for managing the insider threat problem from both a business and technical point of view and discuss different techniques for identifying suspicious activity in large collections of data.

    Learn how to:

    • Detect insider threats
    • Identify their network activity
    • Incorporate best practices to protect your organization from the insider threat


  • The OODA Loop: A Holistic Approach to Cyber Security
    March 27, 2014
    • Understand how the motives and techniques of online attackers have changed over the last couple of decades
    • Realize why conventional security tools like firewalls and antivirus are no longer enough to fend off today’s advanced threats, and why more holistic cyber security strategies are needed
    • Know about the “OODA loop” and how it can be applied to cyber security to protect IT infrastructure and data from advanced adversaries
    • Understand how network data such as NetFlow can be cost-effectively collected and analyzed to feed and speed up your OODA loop
    • Have a strategy for dramatically improving incident response and forensics


  • Ponemon Report: Cyber Security Incident Response: Are we as prepared as we think?
    January 29, 2014

    According to a recent study conducted by the Ponemon Institute, most organizations are ill-prepared to fend off the continuous onslaught of advanced cyber-attacks facing today’s governments and enterprises.

    Learn about the key mistakes organizations are making when it comes to incident response, presented by the chairman and founder of the Ponemon Institute, Dr. Larry Ponemon, and Lancope’s director of security research, Tom Cross. Then learn about how the right mix of people, processes and technology can dramatically improve your incident response efforts and elevate the importance of the CSIRT within your organization.

  • Cisco, Sourcefire and Lancope - Better Together
    February 28, 2014

    Technology overview for Sourcefire FireSIGHT and Lancope StealthWatch including: 

    • Core features and functionality 
    • Market positioning and differentiators 
    • Technology integration for effective incident response

     

    Video

    Slides


    More Info
  • What’s New in StealthWatch v6.5
    April 21, 2014

    Lancope’s latest release includes an intuitive Web interface and sophisticated alarming capabilities for enhanced usability, security analytics and early threat detection. The new version further improves incident response and network forensics for fending off today’s advanced attacks. Specific new features include:

    • The Operational Network & Security Intelligence (ONSI) dashboard, which keeps track of the attacker’s “kill chain,” providing administrators with awareness of how far attacks are progressing within their networks.
    • New “data hoarding” alarms that detect attackers who are moving stolen data around within internal networks or preparing it for exfiltration.
    • StealthWatch® Labs Security Updates that provide constantly updated, automated security capabilities in the StealthWatch System to detect the latest threats.
    • User-defined Threat Criteria, which enable administrators to monitor their networks for targeted attack activity based on specific threat intelligence.


  • HP Protects Massive, Global Network with StealthWatch
    November 19, 2013

    Learn how HP relies on StealthWatch, along with its own HP Vertica solution, to:

    • improve network visibility and security across its enormously complex, global network
    • obtain in-depth information that enables its security teams to act more quickly and minimize potential damage
    • quickly detect anomalous activity, such as DDoS, malware and network misuse

    “Network-based anomaly detection is a critical component of any enterprise cyber security framework…Lancope has proven to be a very effective addition to our cyber security arsenal.” 
    – Jim O’Shea, Network Security Architect, HP

  • Protecting Retail Data from Cyber-Attacks
    February 12, 2014

    Learn key concepts and techniques that will help you rapidly enhance your current cyber security efforts.

    • Get a complete view of what is currently happening in the retail industry
    • Understand the concepts of NetFlow and how it can greatly enhance security efforts
    • Learn how attacks are injected into the network from the POS system, and ways to detect and remediate these attacks
    • Establish a means to recognize data exfiltration and learn techniques to prevent it

  • Hunting Attackers with Network Audit Trails
    September 27, 2013

    Apply network logging technologies such as NetFlow and IPFIX to the problem of detecting sophisticated, targeted attacks and create an audit trail of network activity.

    • Discover active attacks in each phase of the attacker’s “kill chain.”
    • Determine the scope of successful breaches and document the timeline of the attacks

  • The Insider Threat
    July 30, 2013

    Traits exhibited by your best, smartest, and hardest working employee can be the same as those of the malicious (or sometimes even unwitting) insider.

    Learn how to:

    • Spot insider threats
    • Identify their network activity
    • Incorporate best practices to protect your organization from the insider threat

  • SCADA Security: The Five Stages of Cyber Grief
    May 15, 2013

    Lancope’s Director of Security Research, Tom Cross, examines the five stages of grief that organizations seem to pass through as they come to terms with security risks, and how far we’ve come regarding Industrial Control Systems.

    Hear about:

    • The state of Control System security vulnerabilities
    • Attack activity that is prompting a change in perspective
    • The unique, long term challenges associated with protecting SCADA networks
    • How anomaly detection can play a key role in protecting SCADA systems now
